Lucene search

[email protected]CVE-2007-3307

HistoryJun 21, 2007 - 1:30 a.m.

CVE-2007-3307

2007-06-2101:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3307

sql injection

solar empire 2.9.1.1

vulnerability

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.3%

JSON

SQL injection vulnerability in game_listing.php in Solar Empire 2.9.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.

CPENameOperatorVersion
solar_empire:solar_empiresolar empirele2.9.1.1

CPE	Name	Operator	Version
solar_empire:solar_empire	solar empire	le	2.9.1.1

References

osvdb.org/36303

secunia.com/advisories/25716

www.securityfocus.com/bid/24519

exchange.xforce.ibmcloud.com/vulnerabilities/34909

www.exploit-db.com/exploits/4078

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.3%

JSON

Related for CVE-2007-3307

prion1